Update now! Critical CVSS 10 vulnerability in Ivanti EPM Ivanti has released a fix for CVE-2024-29847, a deserialization of untrusted data flaw that allows remote code execution in its… 2 minutes
Update now! Four zero-days fixed in September Patch Tuesday Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days. 2 minutes
Ransomware gangs target SonicWall vulnerability SonicWall is urging customers affected by CVE-2024-40766 to "please apply the patch as soon as possible." 2 minutes
Patch now! Zero-day used to target ISPs and MSPs A patch is now available for a high severity vulnerability in Versa Director that can be used to compromise ISPs,… 2 minutes
What is a path traversal vulnerability? What are path or directory traversal vulnerabilities, and how can you protect against them? 3 minutes
Patch, but don’t be scared! OpenSSH bug is back from the dead A vulnerability from 2006 has come back to life to haunt installations of the widely-used secure shell. 2 minutes
Upgrade now! Juniper releases patch for critical authentication bypass Juniper Networks has released an out-of-cycle upgrade for a CVSS 10 vulnerability. 1 minute
Old, critical Firefox updates STILL need patching It isn't just Chrome that organizations are struggling to keep updated. 2 minutes
Upgrade now! Critical Fortra FileCatalyst Workflow vulnerability needs your attention An SQL injection vulnerability in Forta’s FileCatalyst Workflow has a CVSS score of 9.8 and a working proof-of-concept exploit. 1 minute
GrimResource MSC attack uses 5-year-old vulnerability Cybercriminals' search for an alternative to Office macros has brought them to MSC files used by the Microsoft Management Console. 2 minutes